Google Faces Lawsuit For Tracking Users In Privacy Mode

Google is being sued in a US class action which accuses the search company of invading the privacy of millions of users by pervasively tracking their Internet use through browsers set in “private” mode.

According to the complaint filed in the federal court in California, Google gathers data through Google Analytics, Google Ad Manager and other applications and website plug-ins, including smartphone apps, regardless of whether users click on Google-supported ads. 

Google uses this data to learn about private browsing habits of Chrome users, ranging from seemingly innocuous data that can be used for ad-targeting, such as information about hobbies, interests and favorite foods, to the “most intimate and potentially embarrassing things” that people may search for online, according to the complaint.

Google “cannot continue to engage in the covert and unauthorised data collection from virtually every American with a computer or phone,” the complaint said.

The technology problem at the root of the report is a feature called incognito mode in the Chrome browser, which ironically is one that is supposed to protect people when surfing the internet. Chrome users can turn on incognito mode to protect their browsing history, sessions and cookies from websites that want to use this information for marketing or ad-targeting purposes.
However, the feature has long had a problem in that even when using their mode, people’s activity has still been detectable by websites “for years” due to a FileSystem API implementation, Google Chrome developer Paul Irish has tweeted.

Though Google said it implemented the FileSystem API in a different way in Chrome 76, released last year, the problem persists even in the latest version of Chrome 83, which was released recently, according to a report in ZDNet.

It remains possible to detect incognito mode in Chrome, as well as other Chromium-based browsers, such as Edge, Opera, Vivaldi, and Brave, which share the core of Chrome’s codebase. The complaint claims that Google has yet to set a timeframe to fix the issue.

Search-engine rival DuckDuckGo used news of the class-action suit as an opportunity to laud its own technology, which it offers as an alternative to Google search as a way to allow people to search and use the web privately.

Google Developers:          Reuters:         ZDNet:       Threatpost:     

You Might Also Read: 

The Age Of Surveillance Capitalism Dawns:

Google Challenged For Collecting American Health Data:

 

 

 

« Attacks On Anti-Racism Sites Surge
Nuclear Missile Contractor Hacked »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Baker McKenzie

Baker McKenzie

Baker & McKenzie is an international law firm. Practice areas include Data & Technology.

Ammune.ai

Ammune.ai

Ammune.ai (formerly L7 Defense) helps organizations to protect their infrastructure, applications, customers, employees, and partners against the growing risk of API-borne attacks.

Center for Cyber Safety and Education

Center for Cyber Safety and Education

The Center for Cyber Safety and Education works to ensure that people across the globe have a positive and safe experience online through our educational programs, scholarships, and research.

DOS

DOS

DOS is an Ecuadorian company with 3 decades of presence in the market and extensive experience in the planning, management and execution of IT Service Integration Projects.

Learn How To Become

Learn How To Become

At LearnHowToBecome.org, our mission is to help any job-seeker understand what it takes to build and develop a career. We cover many specialist areas including cybersecurity.

Andreessen Horowitz (a16z)

Andreessen Horowitz (a16z)

Andreessen Horowitz (known as "a16z") is a venture capital firm in Silicon Valley, California that backs bold entrepreneurs building the future through technology.

Center for Education & Research in Information Assurance & Security (CERIAS)

Center for Education & Research in Information Assurance & Security (CERIAS)

CERIAS is one of the world’s leading centers for research and education in areas of information and cyber security.

DoQubiz Technology

DoQubiz Technology

DoQubiz is using the idea of security through obscurity to develop their proprietary Fractal Security Engine that implements a highly resilient data protection protocol.

Cyber Security Canada

Cyber Security Canada

Cyber Security Canada is an accredited Certification Body for government-backed Cyber Security Certification Programs, designed specifically for small and medium-sized Canadian businesses.

Adversa AI

Adversa AI

Adversa's mission is to build trust in AI and protect AI from cyber threats, privacy issues, and safety incidents.

Logically.ai

Logically.ai

Logically combines artificial intelligence with expert analysts to tackle harmful and manipulative content at speed and scale.

GreenPages Technology Solutions

GreenPages Technology Solutions

GreenPages provide expert strategic guidance and proven cloud-era solutions for our clients. Every day we help organizations leverage the cloud securely with less risk and cost.

Two Candlesticks

Two Candlesticks

Two Candlesticks is a global cybersecurity service provider delivering high level consultancy, strategy, and frameworks to governments, regulators and midsized companies.

BestDefense

BestDefense

BestDefense offers proactive cybersecurity solutions that adapt in real-time to outpace evolving threats and ensure resilient protection for your critical assets.

WideField Security

WideField Security

WideField Security a venture backed cybersecurity startup helps enterprise protect their identity attack surface.

Element

Element

Element is a new type of communications platform. It combines consumer messaging apps, collaboration tools and video conferencing to replace email, address shadow IT and improve security.